7-Technologies IGSS < 18.104.22.16829 Multiple DoS Vulnerabilities
Medium Nessus Plugin ID 54291
SynopsisThe remote Windows host contains a SCADA application that is affected by multiple denial of service vulnerabilities.
DescriptionThe installed version of IGSS from 7-Technologies is earlier than 22.214.171.12429 and is, therefore, reportedly affected by several denial of service vulnerabilities.
Using specially crafted packets to the IGSSdataServer service listening on TCP port 12401 or the dc.exe service on TCP port 12397, an unauthenticated, remote attacker can crash the 7T data server, thereby denying service to legitimate users.
SolutionApply the IGSS Update to upgrade to IGSS version 126.96.36.19929 or later.